U.S. Loosens Restrictions on Anthropic’s Mythos A.I. Model
The move de-escalates a clash between the Trump administration and the company over its cutting-edge artificial intelligence systems.
The move de-escalates a clash between the Trump administration and the company over its cutting-edge artificial intelligence systems.
This story originally appeared in The Algorithm, our weekly newsletter on AI. To get stories like this in your inbox first, sign up here. For those of you enjoying your summer unaware of Anthropic’s latest feud with the US government, here’s a recap: In April the company said it had built an AI model called Mythos…
Who should care: AI governance · Lawyers · Administrators · General readers · Policy · Privacy officers
New Jersey Supreme Court Requires Transparency for Facial Recognition Evidence Reason Magazine
Who should care: Privacy officers · Cybersecurity · General readers · Policy
Keeping kids safe online has become the linchpin to getting an artificial intelligence bill done in Washington. The House and Senate can’t seem to agree on either.
Who should care: AI governance · Lawyers · Administrators · General readers · Policy
CREATE AI Act Passes House Committee Americans for Responsible Innovation
Who should care: AI governance · Lawyers · Administrators · General readers · Policy
Former employee files complaint accusing company of ‘coercive surveillance’ and first amendment violation The Meta whistleblower Sarah Wynn-Williams is suing the tech company over its efforts to “silence” her. A 57-page complaint filed to a US district court in California on Thursday argues that an interim arbitration ruling sought by Meta preventing Wynn-Williams from publicising her memoir, Careless People, was “improper and unlawful” and a “blatant violation of the first amendment”. It also accuses the company of “coercive surveillance”. Continue reading...
Who should care: Lawyers · Privacy officers · Compliance · Cybersecurity · General readers · Policy
After a Wegmans disclosure, Erie County, New York, bans businesses from using facial recognition prismreports.org
Who should care: Privacy officers · Cybersecurity · General readers · Policy
As UK police embrace the AI revolution, a WIRED investigation reveals the messy inside story of one region’s experiment with predictive analytics.
Who should care: Lawyers · Privacy officers · Compliance · General readers · AI governance · Policy
Advanced chip packaging, which boosts computing power for artificial intelligence, has made the United States more reliant on Taiwan than ever.
Who should care: AI governance · Lawyers · Administrators · General readers · Policy
Cybersecurity risk is growing, and healthcare organizations are struggling to defend a rapidly increasing attack surface. AI tools are being […] The post Healthcare Report Highlights Growing Vendor Risk and Lack of Cyberattack Readiness appeared first on The HIPAA Journal.
Who should care: Healthcare professionals · Privacy officers · Compliance · General readers · AI governance · Policy
Okanogan Behavioral Healthcare, a Washington-based behavioral health services provider, has reached a settlement in a class action lawsuit stemming from a data breach affecting its patients. The resolution signals continued legal and financial exposure for smaller regional healthcare entities handling sensitive mental and behavioral health records.
Why this matters: Healthcare privacy officers and legal teams should note that behavioral health providers—often under-resourced—face significant class action liability following breaches, reinforcing the urgency of robust HIPAA-compliant security controls.
Who should care: Cybersecurity · Privacy officers · Administrators · Lawyers · Compliance · Healthcare professionals
Potential Avenues for Redress for AI-related Harms under the GDPR: A Visual Explanation - Center for Democracy and Technology
Who should care: Lawyers · Privacy officers · AI governance · General readers · Policy
Forget the grand legislative frameworks. The real rules for AI are being written in fights like this one — case by case, in public, between a single company and a single government.
Everyone is still waiting for a US federal privacy law. Meanwhile, the states already wrote one — you just have to read all of them at once.
An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious payload that remains invisible to security scanners, AI agents, and human reviewers. [...]
Who should care: General readers · AI governance · Policy
Silicon Valley billionaires backed Trump due to fears that Democrats would overregulate AI. Now the White House is restricting the release of new AI models — and tech lobbyists are cautiously searching for answers.
Who should care: General readers · AI governance · Policy
The U.S. government is asserting a new level of influence over AI, controlling which companies can access Anthropic's new models. OpenAI agreed to let the administration screen users of its new model.
Who should care: General readers · AI governance · Policy
After weeks of negotiations, the White House permitted Anthropic to grant access to its most advanced AI model to a select group of US companies and government agencies.
Who should care: General readers · AI governance · Policy
Cartoon: AI Regulation The Virginian-Pilot
Who should care: Lawyers · Compliance · General readers · AI governance · Policy
Sam Altman announces limited preview of GPT 5.6 in move that echoes launch of Anthropic’s Mythos Business live – latest updates OpenAI is staggering the release of its latest AI model after a request from the US government, in a move echoing the launch of Anthropic’s Mythos product. The company behind ChatGPT signalled its dissatisfaction with the move, saying that doing so keeps the best AI tools from “users, developers, enterprises, cyber defenders, and global partners who need them”. Continue reading...
Who should care: General readers · AI governance · Policy
The story of a woman who let a robot into her home. Plus, a discussion about why Silicon Valley has taken such an interest in taste.
Who should care: General readers · AI governance · Policy
Earlier this month, a German court ruled that Google is liable for its AI search summaries. Rejecting defenses like “users can check for themselves,” and that they generally know “that information generated with AI should not be blindly trusted,” the court held that the AI’s summaries are reflections of the company and “above all an expression of Google’s business activities.” This is the latest skirmish in a decades-old battle over internet publishing. Historically, there were two different types of information distributors: carriers and publis…
Who should care: General readers · AI governance · Policy
The European Data Protection Supervisor has released a newsletter covering four priority areas shaping EU digital governance: the Digital Omnibus legislative debate, cross-border health data protection, AI safeguards for the EU Visa Application Platform chatbot, and transparency obligations around EU fund usage.
Why this matters: Privacy officers, healthcare teams, and AI-governance professionals should monitor these EDPS developments closely, as they signal upcoming regulatory expectations across health data flows, public-sector AI deployment, and digital policy reform.
Who should care: Healthcare professionals · Privacy officers · Compliance · Lawyers · AI governance · General readers · Policy
How the UK’s ATRS strengthens algorithmic transparency, public trust and accountability in government AI. The post Designing transparency for government AI: Insights from the UK’s Algorithmic Transparency Recording Standard initiative appeared first on OECD.AI.
Who should care: AI governance · Lawyers · Administrators · General readers · Policy · Privacy officers
Exclusive: Union body finds workers describing themselves as ‘gambling’ because wages felt like the outcome of chance rather than work The practice of using “dynamic pricing” to set pay on gig economy platforms including Uber should be banned because it leaves workers at the mercy of shadowy algorithms with no certainty over their earnings, trade union leaders have urged. In a report exposing the human cost of the gig economy practice, the Trades Union Congress said pay was becoming decoupled from time, skill or effort. Instead, work had become a speculative practice with the rewards determin…
Who should care: AI governance · Lawyers · Administrators · General readers · Policy · Privacy officers
This story originally appeared in The Algorithm, our weekly newsletter on AI. To get stories like this in your inbox first, sign up here. For those of you enjoying your summer unaware of Anthropic’s latest feud with the US government, here’s a recap: In April the company said it had built an AI model called Mythos…
Who should care: AI governance · Lawyers · Administrators · General readers · Policy · Privacy officers
Advancing data protection and AI governance in the Southern Mediterranean region coe.int
Who should care: AI governance · Lawyers · Administrators · General readers · Policy · Privacy officers
When AI governance lands on privacy's desk IAPP
Who should care: AI governance · Lawyers · Administrators · General readers · Policy
Remarks by the Privacy Commissioner of Canada to the Venice Privacy Symposium – Intervention on AI governance
Who should care: AI governance · Lawyers · Administrators · General readers · Policy
Keeping kids safe online has become the linchpin to getting an artificial intelligence bill done in Washington. The House and Senate can’t seem to agree on either.
Who should care: AI governance · Lawyers · Administrators · General readers · Policy
The move de-escalates a clash between the Trump administration and the company over its cutting-edge artificial intelligence systems.
Who should care: AI governance · Lawyers · Administrators · General readers · Policy
OECD AI Policy Toolkit helps governments turn AI principles into action with practical guidance, policy examples and global insights. The post The OECD AI Policy Toolkit: Better AI policies for better lives appeared first on OECD.AI.
Who should care: AI governance · Lawyers · Administrators · Compliance · General readers · Policy
The writer who coined the word ‘enshittification’ tells us why AI will never deliver what it promises – and why it still appeals so much to those in power A “centaur”, in automation theory, is a person assisted by a machine, and a “reverse centaur”, hero of Cory Doctorow’s new book, The Reverse Centaur’s Guide to Life After AI, is a “human who is conscripted into acting as an assistant to a machine”. Every warehouse worker who ever had to urinate in a water bottle because they couldn’t otherwise meet the fulfilment targets set by an algorithm is a reverse centaur. Reaching into the future, ev…
Who should care: AI governance · Lawyers · Administrators · General readers · Policy · Privacy officers
This story originally appeared in The Algorithm, our weekly newsletter on AI. To get stories like this in your inbox first, sign up here. When I landed in Seoul after a grueling 12-hour flight from San Francisco, I walked through an unmanned immigration checkpoint, where a machine scanned my face and passport. On the subway home,…
Who should care: AI governance · Lawyers · Administrators · General readers · Policy · Privacy officers
AI Governance: Securing Privilege and Limiting Rule 34 Control JD Supra
Who should care: AI governance · Lawyers · Administrators · Compliance · General readers · Policy
The European Data Protection Supervisor has released a newsletter covering four priority areas shaping EU digital governance: the Digital Omnibus legislative debate, cross-border health data protection, AI safeguards for the EU Visa Application Platform chatbot, and transparency obligations around EU fund usage.
Why this matters: Privacy officers, healthcare teams, and AI-governance professionals should monitor these EDPS developments closely, as they signal upcoming regulatory expectations across health data flows, public-sector AI deployment, and digital policy reform.
Who should care: Healthcare professionals · Privacy officers · Compliance · Lawyers · AI governance · General readers · Policy
The Atlantic Council has examined how China navigates the tension between enabling international data flows and maintaining strict regulatory control over health data and AI systems, highlighting the country's dual approach to fostering innovation while asserting sovereignty over sensitive information.
Why this matters: Professionals operating in or partnering with Chinese entities must understand this regulatory duality, as it directly affects cross-border data transfer compliance, AI deployment agreements, and health data governance strategies.
Who should care: Healthcare professionals · Privacy officers · Compliance · AI governance · Lawyers · Administrators · General readers · Policy
Dark patterns force patients to share their data with big healthcare networks, even when the privacy form they’re signing explicitly says they can opt-out.
Who should care: Healthcare professionals · Privacy officers · Compliance · General readers · Policy
Health service has given US tech firm ‘unlimited access’ to certain data to build integrated platform, according to reports UK politics live – latest updates MPs have warned that an NHS decision to grant Palantir access to identifiable patient information in its plan to use AI to improve the health service is “dangerous” and will fuel public fears that data privacy is not being prioritised. NHS England has allowed staff from the US tech firm and other contractors to access patient data before it has been pseudonymised, despite internal fears of a “risk of loss of public confidence”, the Finan…
Who should care: Healthcare professionals · Privacy officers · Compliance · General readers · AI governance · Policy
Cybersecurity risk is growing, and healthcare organizations are struggling to defend a rapidly increasing attack surface. AI tools are being […] The post Healthcare Report Highlights Growing Vendor Risk and Lack of Cyberattack Readiness appeared first on The HIPAA Journal.
Who should care: Healthcare professionals · Privacy officers · Compliance · General readers · AI governance · Policy
Curiosity is not an excuse: protecting patient data in healthcare Information Commissioner's Office
Who should care: Healthcare professionals · Privacy officers · Compliance
They could have — and should have — anticipated great curiosity about this particular patient’s medical records. Did they control access well enough? Emily Stevens reports: The medical records of a young boy who was attacked by a crocodile at a Cambridgeshire zoo were accessed by up to 40 members of staff. The incident took... Source
Who should care: Healthcare professionals · Privacy officers · Compliance
Modernisation bill would require GPs and hospitals in England to share data, reducing errors and duplication Sharing access to patients’ health data across NHS providers in England could result in 20,000 fewer A&E visits a year and save £20m annually, the government has claimed, before the second reading of the NHS modernisation bill on Monday. The bill, which would also abolish NHS England, sets out measures including single patient records (SPR) for every person receiving health and social care in England, requiring GPs and hospitals to securely share data as part of the government’s 10…
Who should care: Healthcare professionals · Privacy officers · Compliance
A small practice owner who cannot define a Security Risk Analysis, has never read the HIPAA Security Rule, and does […] The post Why You Don’t Need to Understand HIPAA to Make Your Small Practice HIPAA Compliant appeared first on The HIPAA Journal.
Who should care: Healthcare professionals · Privacy officers · Compliance · Lawyers
Volunteers’ data has enabled medical breakthroughs, but there are questions over how that data is protected With the revelation that the confidential health records of half a million British volunteers have been put up for sale on a Chinese website, we take a look at what the UK Biobank project has achieved – and why concerns have been raised. Continue reading...
Who should care: Healthcare professionals · Privacy officers · Compliance
HIPAA Business Associates that create, receive, maintain, or transmit electronic Protected Health Information on behalf of HIPAA-covered entities are directly […] The post HIPAA Security Rule Training for Business Associates appeared first on The HIPAA Journal.
Who should care: Healthcare professionals · Privacy officers · Compliance · Lawyers
Data security incidents have been announced by the Colorado Health Network and Kentucky Mountain Health Alliance. In both cases, only […] The post Colorado Health Network; Kentucky Mountain Health Alliance Announce Data Breaches appeared first on The HIPAA Journal.
Who should care: Healthcare professionals · Privacy officers · Compliance
A forthcoming conference co-organized with EDPB trainees, scheduled for 9 July, will examine the growing use of artificial intelligence in hiring and recruitment workflows and the data protection challenges these practices create under current regulatory frameworks.
Why this matters: HR, legal, and privacy teams should monitor developments from this event, as EDPB involvement signals potential guidance or enforcement priorities around AI-driven recruitment tools.
Who should care: Lawyers · Privacy officers · AI governance · Administrators · Compliance · General readers · Policy
European regulators are preparing guidance that will clarify how the GDPR and the EU AI Act interact, offering organizations a clearer compliance framework where both regimes overlap. The forthcoming guidelines signal that data protection and AI governance obligations will need to be addressed in an integrated, rather than siloed, manner.
Why this matters: Privacy officers and AI governance teams should anticipate and begin reconciling dual compliance obligations before official guidelines release, as misalignment between GDPR and AI Act requirements could expose organizations to compounded regulatory risk.
Who should care: Lawyers · Privacy officers · AI governance · Administrators · General readers · Policy
An OECD.AI initiative called VIADUCT is examining how the AI industry can move beyond indiscriminate web scraping toward structured, consent-based data-sharing frameworks that address copyright obligations, GDPR compliance, and equitable access to training datasets.
Why this matters: Privacy officers, legal counsel, and AI governance teams should monitor VIADUCT's emerging frameworks, as they may shape regulatory expectations and contractual standards for lawful AI training data procurement.
Who should care: Lawyers · Privacy officers · AI governance · Administrators · General readers · Policy
Brussels, 22 June - Since its establishment in 2018, the core mission of the EDPB has been to uphold and safeguard the right to data protection. Over the years, the EDPB has played a key role in ensuring the consistent application of the GDPR across Europe, by providing guidance on key GDPR concepts and the interaction of the GDPR with other digital laws, as well as through the adoption of consistency opinions and binding decisions. The EDPB is also committed to making GDPR compliance easier for organisations and enhancing its dialogue with stakeholders. The EDPB is glad to announce today the…
Who should care: Lawyers · Privacy officers · AI governance · Compliance · General readers · Policy
Emerging technologies and the protection of children: G7 data protection authorities agree on key principles CNIL
Who should care: Lawyers · Privacy officers · AI governance · General readers · Policy
ICO Response to Scottish Government Consultation on Scottish Biometric Commissioner Functions Review May 2026 Information Commissioner's Office
Who should care: Lawyers · Privacy officers · AI governance · General readers · Policy
Potential Avenues for Redress for AI-related Harms under the GDPR: A Visual Explanation - Center for Democracy and Technology
Who should care: Lawyers · Privacy officers · AI governance · General readers · Policy
The UK Information Commissioner’s Office (ICO) has released a report titled “EdTech examined — Key Findings from Our Audits.” The ICO issued the following statement to accompany the report’s release: Today, the ICO has published ‘Edtech examined’, a new report which outlines how we have worked directly with edtech providers to review and improve data protection practices... Source
Who should care: Lawyers · Privacy officers · AI governance · General readers · Policy
Latest EDPS Newsletter out now ileanjoh Tue, 06/16/2026 - 17:08 Wed, 06/17/2026 - 12:00 Welcome to the latest edition of the EDPS Newsletter, featuring active AI governance and major supervisory milestones. Catch up on our Annual Report 2025, recommendations for the EU visa platform chatbot, insights from the Digital Omnibus high-level debate, and a preview of our upcoming trainees' conference on AI in hiring practices! 1 Read more here
Who should care: Lawyers · Privacy officers · AI governance · Administrators · General readers · Policy
When withdrawal cannot be effectively exercised: Rethinking consent validity under the GDPR IAPP
Who should care: Lawyers · Privacy officers · AI governance · General readers · Policy
Brussels, 25 June - The EDPB has published an update of the One-Stop-Shop (OSS) case digest on right to object and right to erasure. This project has been developed in the framework of the of the Support Pool of Experts programme, which aims to support cooperation among Data Protection Authorities (DPAs). Thematic one-stop-shop case digests are drafted on the basis of one-stop-shop decisions taken from the EDPB’s public register (based on Art.60 GDPR). Such case digests complement the EDPB's public register by selecting and presenting the most important decisions on a given theme and providin…
Who should care: Lawyers · Privacy officers · AI governance · General readers · Policy
EDPB and EDPS Joint Opinion on European Biotech Act CNIL
Who should care: Lawyers · Privacy officers · AI governance
Figures auto-extracted from headlines & excerpts — verify against the original source.
Okanogan Behavioral Healthcare, a Washington-based behavioral health services provider, has reached a settlement in a class action lawsuit stemming from a data breach affecting its patients. The resolution signals continued legal and financial exposure for smaller regional healthcare entities handling sensitive mental and behavioral health records.
Why this matters: Healthcare privacy officers and legal teams should note that behavioral health providers—often under-resourced—face significant class action liability following breaches, reinforcing the urgency of robust HIPAA-compliant security controls.
Who should care: Cybersecurity · Privacy officers · Administrators · Lawyers · Compliance · Healthcare professionals
A lawsuit targeting Madison Square Garden over a data breach has drawn renewed attention to owner James Dolan's controversial use of facial recognition technology at MSG venues, raising questions about how biometric data is collected, stored, and protected in live entertainment settings.
Why this matters: Privacy officers and legal teams should monitor this case closely, as it may establish precedent on biometric data liability and breach notification obligations for venues deploying facial recognition systems.
Who should care: Cybersecurity · Privacy officers · Administrators · Lawyers · Compliance · General readers · Policy
Italian prosecutors have confirmed that two journalists were targeted using Paragon spyware, advancing a broader national investigation into the tool's deployment. The identity of the party or parties who authorized the surveillance remains officially unresolved.
Why this matters: This case signals growing regulatory and prosecutorial scrutiny of commercial spyware vendors, with direct implications for organizations advising on lawful surveillance boundaries, press freedom protections, and device security posture.
Who should care: Cybersecurity · Privacy officers · Administrators · Lawyers · Compliance
Brussels, 10 June – During its latest plenary, the EDPB met with Michael McGrath, Commissioner for Democracy, Justice, the Rule of Law and Consumer Protection. In addition, the Board has adopted a common data breach notification template. The Board held a meeting with Commissioner McGrath, engaging in a fruitful discussion about common priorities and ongoing work on areas of mutual interest. The Digital Omnibus was among the key topics that shaped the discussion. The Board reiterated that, while several proposed changes have been welcomed by the Board, it is crucial not to adopt the proposed…
Who should care: Cybersecurity · Privacy officers · Administrators · Lawyers · AI governance · Compliance
Why data mining is functionally required after a HIPAA breach IAPP
Who should care: Cybersecurity · Privacy officers · Administrators · Healthcare professionals · Compliance
Longitudinal studies are a research jewel, shedding light on motor neurone disease, cot deaths, Alzheimer’s and more. Don’t let the security breach in China put you off joining one One thing Britain is exceptionally good at is collecting and using health data for research, studying cohorts of people over many decades. A shudder of alarm rippled through the research world at the news this week that UK Biobank’s data had been put up for sale on China’s Alibaba site, with the science minister, Patrick Vallance, saying that more attempts to sell the data in China were expected. Some sensationalis…
Who should care: Cybersecurity · Privacy officers · Administrators · Healthcare professionals · Compliance
Following a public comment period, the Federal Trade Commission finalized a modified order requiring Illuminate Education Inc. to implement a data security program, limit collection and retention of consumer data, and delete unnecessary data to settle charges that the company’s data security failures led to a major data breach involving the personal data of millions of students. In its complaint, the FTC alleged that Wisconsin-based Illuminate claimed to protect the privacy and security of the student data it maintained but failed to deploy reasonable security measures to prote…
Who should care: Cybersecurity · Privacy officers · Administrators · Lawyers · Compliance
EDPB meets with EU Commissioner McGrath and adopts common data breach notification template CNIL
Who should care: Cybersecurity · Privacy officers · Administrators · Lawyers · AI governance
The decision by Amazon-owned MGM Studios to drop the OpenAI movie is just part of AI and film industries becoming increasingly intertwined. On Uncanny Valley, we look at where this is all headed.
Who should care: Cybersecurity · Privacy officers · Administrators · General readers · AI governance · Policy
Managing Shadow AI’s Hidden Data Breach Risk francesco Mon, 06/15/2026 - 09:25 Mon, 06/15/2026 - 12:00 The use of unauthorised AI tools that can expose personal data, create regulatory blind spots, and open security vulnerabilities. 1 Read blogpost by Wojciech Wiewiórowski
Who should care: Cybersecurity · Privacy officers · Administrators · Lawyers · Compliance · General readers · AI governance · Policy
Children’s online safety groups are pressing House lawmakers to oppose the bipartisan measure, arguing that it weakens safeguards.
Who should care: Cybersecurity · Privacy officers · Administrators
Owen Flowers and Thalha Jubair were convicted for their roles in the attack, which led to large costs for Transport for London.
Who should care: Cybersecurity · Privacy officers · Administrators
Figures auto-extracted from headlines & excerpts — verify against the original source.
UK Information Commissioner John Edwards has temporarily recused himself from his role while the ICO conducts an independent inquiry into undisclosed internal HR matters. Edwards confirmed his cooperation with the investigation via a LinkedIn statement, leaving the data protection regulator without its principal figurehead during the probe.
Why this matters: Leadership instability at the ICO could affect the pace and consistency of regulatory decisions, enforcement actions, and guidance relevant to privacy, AI governance, and data protection compliance across sectors.
Who should care: Lawyers · Privacy officers · Compliance · AI governance · General readers · Policy
A Fort Myers man has filed a lawsuit against Jacksonville Beach police and the Jacksonville Sheriff's Office, alleging that AI-powered facial recognition technology misidentified him and resulted in a wrongful arrest. The case highlights ongoing concerns about the reliability and civil rights implications of law enforcement's use of automated identification systems.
Why this matters: This litigation signals growing legal exposure for agencies deploying facial recognition, reinforcing the need for legal and governance teams to audit AI tool accuracy, bias risks, and civil liability frameworks before deployment.
Who should care: Lawyers · Privacy officers · Compliance · Cybersecurity · General readers · AI governance · Policy
Canada's Privacy Commissioner concluded an investigation finding that the companies behind the Grok chatbot violated Canadian privacy law in connection with the generation of sexualized deepfake content, marking a significant regulatory enforcement action in the AI-generated imagery space.
Why this matters: Privacy and AI-governance teams should note this signals active regulatory scrutiny of generative AI platforms under existing privacy frameworks, with potential liability implications for companies deploying similar tools.
Who should care: Lawyers · Privacy officers · Compliance · General readers · AI governance · Policy
Health data: fine of 5 million euros against IQVIA CNIL
Who should care: Lawyers · Privacy officers · Compliance · Healthcare professionals
Brussels, 24 June – The EDPB has launched a dedicated contact form for stakeholders to report possible inconsistencies in how the GDPR is interpreted across Europe. This initiative reflects the commitments set out in the EDPB Helsinki Statement on enhanced clarity, support and engagement, aimed at strengthening the dialogue with stakeholders and ensuring consistent GDPR enforcement across Europe. The new tool enables stakeholders to report alleged divergences between national positions, as well as between national positions and those of the EDPB. The EDPB will not respond to individual submis…
Who should care: Lawyers · Privacy officers · Compliance · AI governance
The state of enforcement: Part I — Consumer privacy rights IAPP
Who should care: Lawyers · Privacy officers · Compliance · General readers · Policy
The Markup and CalMatters showed how website code could make it harder for Californians to exercise their right to remove personal data. Now much of that code has disappeared.
Who should care: Lawyers · Privacy officers · Compliance · General readers · Policy
Fines Data Protection Commission
Who should care: Lawyers · Privacy officers · Compliance · General readers · Policy
As UK police embrace the AI revolution, a WIRED investigation reveals the messy inside story of one region’s experiment with predictive analytics.
Who should care: Lawyers · Privacy officers · Compliance · General readers · AI governance · Policy
The Federal Trade Commission today began enforcing the TAKE IT DOWN Act (TIDA), a law requiring platforms, at the request of victims, to remove intimate photos or videos shared online without victims’ consent. As part of its enforcement role, the FTC has launched TakeItDown.ftc.gov, a website allowing victims and survivors to submit complaints about platforms that have failed to act on valid requests for the removal of nonconsensual intimate images. The website also accepts complaints about platforms that have failed to create a process for people to request removal of these images. “Thanks t…
Who should care: Lawyers · Privacy officers · Compliance · General readers · Policy
The iPhone and iPad bug allowed law enforcement using forensic tools to read messages that had long been deleted by the Signal app.
Who should care: Lawyers · Privacy officers · Compliance
Former employee files complaint accusing company of ‘coercive surveillance’ and first amendment violation The Meta whistleblower Sarah Wynn-Williams is suing the tech company over its efforts to “silence” her. A 57-page complaint filed to a US district court in California on Thursday argues that an interim arbitration ruling sought by Meta preventing Wynn-Williams from publicising her memoir, Careless People, was “improper and unlawful” and a “blatant violation of the first amendment”. It also accuses the company of “coercive surveillance”. Continue reading...
Who should care: Lawyers · Privacy officers · Compliance · Cybersecurity · General readers · Policy
Emerging technologies and the protection of children: G7 data protection authorities agree on key principles CNIL
Who should care: Lawyers · Privacy officers · AI governance · General readers · Policy
The state of enforcement: Part I — Consumer privacy rights IAPP
Who should care: Lawyers · Privacy officers · Compliance · General readers · Policy
News release
Who should care: General readers · Privacy officers · Policy
The European Data Protection Supervisor has released a newsletter covering four priority areas shaping EU digital governance: the Digital Omnibus legislative debate, cross-border health data protection, AI safeguards for the EU Visa Application Platform chatbot, and transparency obligations around EU fund usage.
Why this matters: Privacy officers, healthcare teams, and AI-governance professionals should monitor these EDPS developments closely, as they signal upcoming regulatory expectations across health data flows, public-sector AI deployment, and digital policy reform.
Who should care: Healthcare professionals · Privacy officers · Compliance · Lawyers · AI governance · General readers · Policy
Brussels, 25 June - The EDPB has published an update of the One-Stop-Shop (OSS) case digest on right to object and right to erasure. This project has been developed in the framework of the of the Support Pool of Experts programme, which aims to support cooperation among Data Protection Authorities (DPAs). Thematic one-stop-shop case digests are drafted on the basis of one-stop-shop decisions taken from the EDPB’s public register (based on Art.60 GDPR). Such case digests complement the EDPB's public register by selecting and presenting the most important decisions on a given theme and providin…
Who should care: Lawyers · Privacy officers · AI governance · General readers · Policy
Mental health providers are increasingly using AI technology to record conversations, raising privacy concerns among patients and practitioners.
Who should care: General readers · AI governance · Policy
Data Protection Commission announces final decision into Midlands Regional Hospital Tullamore inquiry Data Protection Commission
Who should care: General readers · Privacy officers · Policy
AI can strengthen food security, resilience and sustainability in agriculture. Explore key challenges and opportunities for agri-food systems. The post AI for inclusive and resilient agri-food systems: Potential ways forward appeared first on OECD.AI.
Who should care: AI governance · Lawyers · Administrators · General readers · Policy
EDPB meets with EU Commissioner McGrath and adopts common data breach notification template CNIL
Who should care: Cybersecurity · Privacy officers · Administrators · Lawyers · AI governance
Notes from the IAPP Canada: Digital policy wave in Canada gathers force IAPP
Statement by the Privacy Commissioner of Canada on Bill C-36, the Protecting Privacy and Consumer Data Act
Espresso with the EDPS: AI Literacy miriam Tue, 06/23/2026 - 13:31 Tue, 06/23/2026 - 12:00 What does it mean to be AI literate? And why does it matter for all of us? The first episode of our new video series "Espresso with the EDPS" by Secretary General, is now live! 1 Watch it
Who should care: Lawyers · Privacy officers · AI governance · General readers · Policy